Download - Trust Frameworks Explained
![Page 1: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/1.jpg)
Trust Frameworks Explained (in 20 minutes or less)
Andrew Hughes [email protected]
KantaraInitiative.org
![Page 2: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/2.jpg)
WHAT IS A DIGITAL IDENTITY TRUST FRAMEWORK?
Explaining Digital Trust Frameworks in 20 minutes or less
![Page 3: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/3.jpg)
Fun and Exciting!
![Page 4: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/4.jpg)
Current Work Creating a Pan-Canadian Trust Framework for the
Digital Identification & Authentication Council of Canada (DIACC)
Stakeholders include: federal & provincial governments; financial institutions; telecom providers; credit bureaus; identity networks / hubs; credential managers, others
Wildly divergent needs, expectations and operational modes
![Page 5: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/5.jpg)
What is a Digital Identity Trust Framework?
“Digital Identity”• Identity: A reference or designation used to
distinguish a unique and particular individual, organization or device.
• Trusted Digital Identity: ‘a trusted electronic representation of who I am.’
“Framework”• Digital Identity Trust Frameworks define
the ‘rules of the road’ for interactions between organizations when handling identity, authentication and authorization. Often, these Frameworks form the basis of agreements and contracts.
![Page 6: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/6.jpg)
Functions The DIACC Framework covers
Person Identity Proofing (Registration Authorities) Credential Management Authorization policy (PDP) Access control (PEP) Authentication of Credentials (Verifier) Establishment of government authoritative identity
records
![Page 7: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/7.jpg)
WHY USE A DIGITAL IDENTITY TRUST FRAMEWORK?
![Page 8: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/8.jpg)
A reason for a framework?
To make negotiating agreements easier
![Page 9: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/9.jpg)
Reasons for Frameworks STANDARDIZATION of identity, authentication &
access control processes and technologies within a trust community
LESSEN BURDEN by amalgamating published standards to reduce burden of adopters to know all the standards
Framework Profile creation process captures community-specific details, regulated requirements – GOVERNED by a designated body
Assessment & conformance approach will acknowledge and use PRIOR USE and certifications
![Page 10: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/10.jpg)
How?
Framework
Contracts and Agreements
StandardsRegulationsLaws
Framework Profile
![Page 11: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/11.jpg)
Some Details
![Page 12: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/12.jpg)
Digital Trust Framework Elements
Roles & Responsibilities
![Page 13: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/13.jpg)
Digital Trust Framework Elements
Business functions & Expected Processes
![Page 14: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/14.jpg)
Digital Trust Framework Elements
Processes & Criteria (proof of ‘sameness’ and ‘equivalency’)
![Page 15: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/15.jpg)
Digital Trust Framework Elements
Library of Profiles
![Page 16: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/16.jpg)
Tools and Rules Technical protocols Software / servers Cryptography Communication
protocols Standards
Policies for proof of
identity; ‘Levels’ of certainty
Privacy policy Operations practices Designated authorities
![Page 17: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/17.jpg)
The Future Possibilities Model contract clauses Automation for contracts Addition of new roles, responsibilities, business
functions Build a library of framework profiles
![Page 18: Trust Frameworks Explained](https://reader035.vdocuments.mx/reader035/viewer/2022070514/58811a921a28abb9388b5b1b/html5/thumbnails/18.jpg)
Now what?Join us in innovating and verifying trusted identity solutions for the world Kantara Initiative members include global experts from industry and
government in the fields: Identity assurance Privacy Security Policy Information systems assessment
Join. Innovate. Trust. Visit.:
KantaraInitiative.org